<%-- 
    Document   : index
    Created on : Jan 13, 2012, 8:09:13 PM
    Author     : Marcelo Korn & Oleg Ruchlis
--%>

<%@page import="java.util.List"%>
<%@page import="java.sql.SQLException"%>
<%@page import="databasePackage.ListEntry"%>
<%@page import="databasePackage.DatabaseUrl"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>ex4 by Korn Marcelo & Ruchlis Oleg</title>
        <link rel="stylesheet" type="text/css" href="ex4_css.css" title="myStyle">
    </head>
    <body>
        <%
            // will indicate a login error
            boolean errMsg = false;
            // checking username attribute (this attribute is set after login).
            String sessionUsername = (String)session.getAttribute("username");
            // !null => this user is already logged in
            if(sessionUsername != null)
            { // redirecting the user to the loggedin page.
        %>
    <jsp:forward page="loggedin.jsp"/>
        <%
            }
            // checking if a form had been sent
            if ((request.getParameter("loginform")!= null) ) 
            {
                // assuming error occured (otherwise user is redirected)
                errMsg = true;
                // reading username
                String username = request.getParameter("username");
                //reading password
                String password = request.getParameter("password");

                // username isn't case sensetive
                username = username.toLowerCase().trim();
                // password is case sensetinve.
                password = password.trim();

                // connecting to the Database.
                DatabaseUrl db = new DatabaseUrl("ex4");
                try
                {
                    db.connect();
                }
                catch(SQLException ex)
                {   // printing error message.
                    out.println("Error: " + ex.getMessage() + "\r\n" 
                                + "Couldn't connect to the database."); 
                }

                List<ListEntry> listEntries = null;

                try 
                {
                    // receiving a list of all entries in the database
                    listEntries = db.getListEntries();
                }

                catch (SQLException ex) 
                {
                    out.println("Error: " + ex.getMessage() + "\r\n" 
                                + "Couldn't retrieve list of entries in "
                                + "the database."); 
                }

                // going through each entry in the list (all users in the DB)
                for (ListEntry entry : listEntries)
                {
                    // checking for a match of the username and the password
                    if(entry.username.equals(username) && entry.password.equals(password))
                    {
                        // setting the attribute (indicates that a user is logged).
                        session.setAttribute("username", username);
                        // updating the application attribute of all connected users
                        String currentUsers = (String)application.getAttribute("users");
                        currentUsers = (currentUsers == null ? "" : currentUsers);
                        currentUsers += username + "\r\n";
                        application.setAttribute("users", currentUsers);
                        break;
                    }
                }
            } 
        %>
        <h1>Hello and welcome to ex4!</h1>
        <h2>Login form</h2>
        <%
            // cheking if this session belongs to a user that is already logged.
            String myname = (String)session.getAttribute("username");
            if(myname != null)
            {
        %>
            <jsp:forward page="loggedin.jsp"/>
        <%
            }
            else 
            {
                // printing an error message if a form was sent and still reached here
                if(errMsg)
                {
        %>
                    <font> Wrong username or password!</font>
        <%
                }
        %>
        <form action="index.jsp" method="post">
            <input type="hidden" name="loginform" value="1"/>
                <table>
                    <tr>
                        <td> Username  : </td><td> <input name="username" size=15 type="text" /> </td> 
                    </tr>
                    <tr>
                        <td> Password  : </td><td> <input name="password" size=15 type="text" /> </td> 
                    </tr>
                </table>
            <input type="submit" value="login" />
        </form>
        <% 
            }
        %>
        <p>
            Not registered yet?<br>
            Please register
            <a href="registration.jsp"> here.</a>
        </p>
    </body>
</html>
